Release Notes SD-WAN 7.1.0 Collector

Edit online

Below please find the Release Notes for SD-WAN 7.1.0 collector. Please contact your Technical Account Manager (if applicable) or Systems Engineering Team or Support Team to discuss and plan the installation. Thank you for being a customer.

Note: Terminology usage...

In SD-WAN guides if there is,

  • [any reference to master] OR
  • [[if a CLI command (for NMS or Kubernetes or Redis) contains master] AND/OR
  • [its output contains master]], it means leader or control plane.

And, if there is any reference to slave or worker, it means follower or agent.

Browser Requirements

Edit online

Minimum Resolution:1200x768 Browsers:

  • Modern, standards-compliant browser
  • JavaScript enabled
  • Pop-up blocker disabled for hostname/IP

The following browsers are supported in the current versions of SevOne.

Browser

Vendor Family
Google Chrome
Mozilla Firefox
Important: Please use the latest browser version for Chrome and Firefox.

Resources & Requirements

Edit online
Resource Requirement
SevOne NMS Please refer to Compatibility Matrix below for SevOne NMS versions supported.
Helm 3.13.1
Kubernetes 1.28.10+k3s1 (for upgrades)

1.28.10+k3s1 (for new provisioning)

Important: If the installed Kubernetes version in your setup is not supported by SD-WAN collector you are provisioning, you will get an error message. Kubernetes must be upgraded prior to upgrading SD-WAN collector.
SOA >=7.1.0
Kernel 4.18.0-553.5.1.el8_10.x86_64
Ports Required Please refer to SevOne NMS Port Number Requirements Guide > section Solutions Deployment.
VMware vSphere Client >=6.5
Signature Tools
Note: The latest files can be downloaded from IBM Passport Advantage (https://www.ibm.com/software/passportadvantage/pao_download_software.html) via Passport Advantage Online. However, if you are on a legacy / flexible SevOne contract and do not have access to IBM Passport Advantage but have an active Support contract, please contact SevOne Support Team for the file.

Once you have downloaded the package, unpack the fix / install / upgrade packs to obtain the required files.

  • signature-tools-v2.0.3-build.1.tgz
  • signature-tools-v2.0.3-build.1.tgz .sha256.txt
Other
Note: The latest files can be downloaded from IBM Passport Advantage (https://www.ibm.com/software/passportadvantage/pao_download_software.html) via Passport Advantage Online. However, if you are on a legacy / flexible SevOne contract and do not have access to IBM Passport Advantage but have an active Support contract, please contact SevOne Support Team for the files.

Once you have downloaded the package, unpack the fix / install / upgrade packs to obtain the required files.

SD-WAN Widgets
  • sdwan-widgets-v7.1.0-build.8.tar.gz
  • sdwan-widgets-v7.1.0-build.8.tar.gz.sha256.txt
VeloCloud is packaged with SevOne NMS as a SDWAN plugin.

Summary for complex table
File Type Versa Viptela Fortinet
TAR sevone_solutions_sdwan_versa-v7.1.0-build.54.tgz sevone_solutions_sdwan_viptela-v7.1.0-build.56.tgz sdwan-fortinet-installation-v7.1.0-build.31.tgz
CHECKSUM sevone_solutions_sdwan_versa-v7.1.0-build.54.tgz.sha256.txt sevone_solutions_sdwan_viptela-v7.1.0-build.56.tgz.sha256.txt sdwan-fortinet-installation-v7.1.0-build.31.tgz.sha256.txt
OVA sevone_solutions_sdwan_versa-v7.1.0-build.54.ova sevone_solutions_sdwan_viptela-v7.1.0-build.56.ova n/a
QCOW2 sevone_solutions_sdwan_versa-v7.1.0-build.54.qcow2.gz sevone_solutions_sdwan_viptela-v7.1.0-build.56.qcow2.gz n/a
ISO sevone_solutions_sdwan_versa-v7.1.0-build.54.iso sevone_solutions_sdwan_viptela-v7.1.0-build.56.iso n/a
VHD sevone_solutions_sdwan_versa-v7.1.0-build.54.vhd.gz sevone_solutions_sdwan_viptela-v7.1.0-build.56.vhd.gz n/a

Facts & Limitations

Edit online

The following notes are some facts and limitations that you must be aware of.

Important: SevOne NMS versions > 7.1.0 and SevOne Data Insight versions > 7.1.0 should ideally work with SD-WAN 7.1.0 unless there is some backward compatibility issue which may prevent it from working.
Important: Viptela Collector: vManage rate limits

The vManage overall rate limit is 450 requests per second. Currently, it has an API route related to device statistics which has a much lower rate limit of 43 requests per minute (or 0.72 requests per second). These rate limits are used as default rates in the Viptela collector configuration.

For the Viptela collector, each Agent has a vManage session.

Please refer to https://developer.cisco.com/docs/sdwan/#!browsing-returned-results-sorting-results-filtering-results-and-rate-limits/understanding-pagination for details.

Important: Viptela Collector: vManage data (Case change for names)

Collector handles the case change scenario for vManage data. Migration script removes the device / object group rules and adds new case-insensitive rules in the next run of deviceDescription / objectDescription agent.

Limitations:
  • Collector handles the case change only and not a complete name change.
  • In case of device name changes, collector does not change the actual device name in SevOne NMS. However, it keeps pushing data in the existing device.
  • In case of site / tenant name changes, collector does not update the device / object group name in SevOne NMS. However, it holds all the devices / objects available in the group.
  • In case of interface name changes, collector does not update the interface, interface queue, or tunnel name. However, it keeps pushing data for that object.
  • Collector does not support a scenario in which the device / interface name is same with a case difference in vManage. For example, device names, abc and ABC are not allowed.
Important: Viptela / Versa Collector

When upgrading the collector from a newly deployed SD-WAN 2.9 or SD-WAN 2.10 OVA to SD-WAN 7.1.0, please perform the steps mentioned in SD-WAN Viptela Collector Troubleshooting Guide or SD-WAN Versa Collector Troubleshooting Guide > section Upgrade Collector.

Important: Versa Collector

Tunnel data is coming from two different sources (sdwanB2BSlamLog and monStatsLog). Hence, the data gap might be visible in SevOne NMS.

Important: for Fresh Installs or Upgrades

The SOA version on SevOne NMS must be >= 7.1.0 otherwise, the pre-checks will fail. SD-WAN 7.1.0 package contains (SOA 7.1.0) .rpm file. Execute the following command to upgrade the SOA version on SevOne NMS.

Note: SOA Version

SOA must be on the latest version on all appliances in SevOne NMS cluster. Command Line Interface (CLI) must be used to upgrade SOA on all peers as the graphical user interface (GUI) only upgrades SOA for the NMS appliance you are connected to.

Execute the command to install / upgrade SOA only on NMS' Cluster Master and HSA 
sevone-cli soa upgrade \
/opt/SevOne/upgrade/utilities/SevOne-soa-*.rpm
Execute the command to install / upgrade SOA on ALL peers in the NMS cluster 
sevone-cli soa upgrade \
/opt/SevOne/upgrade/utilities/SevOne-soa-*.rpm \
--all-peers

Compatibility Matrix

Edit online
Collector / Augmenter SevOne NMS NMS REST API Widget Version SOA Version SevOne Data Insight
7.1

7.1.0 (T & S)

7.0.0 (T & S)

6.8.0 (T & S)

 2.1.47 7.1.0 >=7.1.0 7.1 (T & S)

CONTROLLERS

Versa Viptela Fortinet VeloCloud

- 21.1.4 (T & S)

- 22.1.2 (S)

- 21.2.3 (S)

vManage:

- 20.13.1 (S)

- 20.11.1.1 (T & S)

- 20.9.4 (S)

- 20.9.1 (S)

- 20.6.4 (T & S)

- 20.6.2.1 (S)

- 20.5.1.2 (S)

- 20.5.1 (S)

- 20.4.1.1 (S)

- 20.3.6 (S)

- 20.3.5 (T & S)

- 20.3.4.1 (S)

- 20.3.4 (S)

- 20.3.3.1 (S)

- 20.3.1 (S)

- 20.1.1 (S)

- 19.2.2 (S)

- 18.3.4 (S)

vEdge:

- 20.9.1 (T & S)

- 20.6.1 - .2 (T & S)

- 18.3.4 (S)

cEdge:

- 17.9.1 (T & S)

- 17.6.02 (T & S)

- 16.9.2 (S)

v7.4.2 FortiManager (T & S)

v7.4.1 FortiManager (S)

VMware SASE 5.4.0.1 (T & S)

VMware SASE 5.4.0.0 (S)
Other Requirements

Minimum resource needed on NMS:

CPU: 4 or more

RAM: 8GB or more

HDD: 20GB or more

Minimum resource needed on NMS:

CPU: 4 or more

RAM: 8GB or more

HDD: 20GB or more

 Fortinet Plugin comes integrated with SevOne NMS. If there are specific NMS hardware sizing requirements, please contact IBM SevOne Support. VeloCloud Plugin comes integrated with SevOne NMS. If there are specific NMS hardware sizing requirements, please contact IBM SevOne Support.
Note: For additional details on hardware requirements such as, CPUs, RAM, flow limits, number of rack units, etc., for various hardware components, please contact your SevOne Technical Account Manager.
  • T & S - Tested & Supported
  • S - Supported
Note: SevOne Data Insight
  • Please refer to Release Notes SevOne Data Insight for details.
SevOne NMS
  • An administrator-level account in SevOne NMS.
  • User name and password for the administrator-level account.
  • IP address of the PAS.
  • 20k (vPAS_20K) appliance (minimum requirement).

Resolved Issues

Edit online
Component/s Key Release Notes
SDWAN Versa / Viptela S1NPM-77542 Versa / Viptela Collectors: After deleting a deployment using the command sevone-cli solutions stop_collector and attempting to reinstall the collector using the sevone-cli solutions reload command, the reinstall completes successfully.
SDWAN-VeloCloud S1NPM-77611

VeloCloud: The following object has been added along with its associated indicators.

Object: Advanced Health

Indicators:

  • Over Capacity Drops
  • Tunnel Count
SDWAN Cisco Catalyst S1NPM-109858 Viptela Collector: Supports data collection for multi-tenancy enabled vManage. A new configurable variable, collectorConfig.vendor.vmanage_api.tenant_name, has been added to allow users to specify the tenant name for which the data needs to be collected. And, this supports data collection for a single tenant at a time during helm deployment.
SDWAN Versa S1NPM-111031

Versa Collector: The following indicators have been added to Interface object from IntfUtilLog when the InterfaceStatStreamingAgent is enabled.

Object: Interface object

Indicators:

  • up_capacity_percentage
  • down_capacity_percentage

5 issues

CVEs / CWEs

Edit online
Important: It is strongly recommended to run the external security scans such as Nessus, Snyk, or similar on the latest available patch for this release to verify whether the vulnerability has been addressed. If upgrading the production environment is not currently possible, these scans can still be performed in a lab or test environment.
CVEs CVEs (continued) CVEs (continued)

CVE-2020-26555

CVE-2021-46909

CVE-2021-46939

CVE-2021-46972

CVE-2021-47018

CVE-2021-47069

CVE-2021-47073

CVE-2021-47236

CVE-2021-47257

CVE-2021-47284

CVE-2021-47304

CVE-2021-47310

CVE-2021-47311

CVE-2021-47353

CVE-2021-47356

CVE-2021-47373

CVE-2021-47408

CVE-2021-47456

CVE-2021-47461

CVE-2021-47468

CVE-2021-47491

CVE-2021-47495

CVE-2021-47548

CVE-2021-47579

CVE-2021-47624

CVE-2022-48632

CVE-2022-48743

CVE-2022-48747

CVE-2022-48757

CVE-2023-5090

CVE-2023-28746

CVE-2023-52451

CVE-2023-52463

CVE-2023-52464

CVE-2023-52469

CVE-2023-52471

CVE-2023-52486

CVE-2023-52530

CVE-2023-52560

CVE-2023-52615

CVE-2023-52619

CVE-2023-52622

CVE-2023-52623

CVE-2023-52626

CVE-2023-52648

CVE-2023-52653

CVE-2023-52658

CVE-2023-52662

CVE-2023-52667

CVE-2023-52669

CVE-2023-52675

CVE-2023-52679

CVE-2023-52686

CVE-2023-52700

CVE-2023-52703

CVE-2023-52707

CVE-2023-52730

CVE-2023-52756

CVE-2023-52762

CVE-2023-52764

CVE-2023-52775

CVE-2023-52777

CVE-2023-52781

CVE-2023-52784

CVE-2023-52791

CVE-2023-52796

CVE-2023-52803

CVE-2023-52811

CVE-2023-52813

CVE-2023-52832

CVE-2023-52834

CVE-2023-52835

CVE-2023-52845

CVE-2023-52847

CVE-2023-52864

CVE-2023-52877

CVE-2023-52878

CVE-2023-52881

CVE-2024-1737

CVE-2024-1975

CVE-2024-2201

CVE-2024-6345

CVE-2024-21823

CVE-2024-25739

CVE-2024-26583

CVE-2024-26584

CVE-2024-26585

CVE-2024-26586

CVE-2024-26614

CVE-2024-26640

CVE-2024-26656

CVE-2024-26660

CVE-2024-26669

CVE-2024-26675

CVE-2024-26686

CVE-2024-26698

CVE-2024-26704

CVE-2024-26733

CVE-2024-26735

CVE-2024-26740

CVE-2024-26759

CVE-2024-26772

CVE-2024-26773

CVE-2024-26801

CVE-2024-26802

CVE-2024-26804

CVE-2024-26810

CVE-2024-26826

CVE-2024-26837

CVE-2024-26840

CVE-2024-26843

CVE-2024-26852

CVE-2024-26853

CVE-2024-26859

CVE-2024-26870

CVE-2024-26878

CVE-2024-26906

CVE-2024-26907

CVE-2024-26908

CVE-2024-26921

CVE-2024-26925

CVE-2024-26940

CVE-2024-26958

CVE-2024-26960

CVE-2024-26961

CVE-2024-26974

CVE-2024-26982

CVE-2024-27010

CVE-2024-27011

CVE-2024-27019

CVE-2024-27020

CVE-2024-27025

CVE-2024-27065

CVE-2024-27388

CVE-2024-27395

CVE-2024-27397

CVE-2024-27410

CVE-2024-27434

CVE-2024-31076

CVE-2024-33621

CVE-2024-35789

CVE-2024-35790

CVE-2024-35801

CVE-2024-35807

CVE-2024-35810

CVE-2024-35814

CVE-2024-35823

CVE-2024-35824

CVE-2024-35835

CVE-2024-35838

CVE-2024-35845

CVE-2024-35847

CVE-2024-35852

CVE-2024-35853

CVE-2024-35854

CVE-2024-35855

CVE-2024-35876

CVE-2024-35888

CVE-2024-35890

CVE-2024-35893

CVE-2024-35896

CVE-2024-35897

CVE-2024-35899

CVE-2024-35900

CVE-2024-35910

CVE-2024-35912

CVE-2024-35924

CVE-2024-35925

CVE-2024-35930

CVE-2024-35937

CVE-2024-35938

CVE-2024-35946

CVE-2024-35947

CVE-2024-35952

CVE-2024-35958

CVE-2024-35959

CVE-2024-35960

CVE-2024-35962

CVE-2024-36000

CVE-2024-36004

CVE-2024-36005

CVE-2024-36006

CVE-2024-36007

CVE-2024-36010

CVE-2024-36016

CVE-2024-36017

CVE-2024-36020

CVE-2024-36025

CVE-2024-36270

CVE-2024-36286

CVE-2024-36489

CVE-2024-36886

CVE-2024-36889

CVE-2024-36896

CVE-2024-36904

CVE-2024-36905

CVE-2024-36917

CVE-2024-36921

CVE-2024-36924

CVE-2024-36927

CVE-2024-36929

CVE-2024-36933

CVE-2024-36940

CVE-2024-36941

CVE-2024-36945

CVE-2024-36950

CVE-2024-36952

CVE-2024-36954

CVE-2024-36960

CVE-2024-36971

CVE-2024-36978

CVE-2024-36979

CVE-2024-37890

CVE-2024-38428

CVE-2024-38538

CVE-2024-38555

CVE-2024-38573

CVE-2024-38575

CVE-2024-38596

CVE-2024-38598

CVE-2024-38615

CVE-2024-38627

CVE-2024-39276

CVE-2024-39472

CVE-2024-39476

CVE-2024-39487

CVE-2024-39502

CVE-2024-40927

CVE-2024-40974

CWE-79

CWE-400

CWE-770

Known Issues

Edit online
Warning: FYI
  • The default interval for the updation of the augmenter cache is 24 hours. If a policy is changed or added on vManage, it is necessary to update the cache forcefully to augment the flows correctly. Please run the PolicyParserAgent to update the cache forcefully.
    Note: Applicable to Viptela Collector only.
    • kubectl exec <COLLECTOR_POD_ID> -- ./collector-viptela -run PolicyParserAgent
    • To find the <COLLECTOR_POD_ID>, execute the following command. 
      kubectl get pods
  • Data gaps might be seen on the graphs in SevOne NMS for indicators of the objects of type SD-WAN Device Health as they are being polled at different timestamps. For example, SevOne NMS shows the data for the following indicators related to SD-WAN Device Health object.
    • memory_utilization
    • disk_utilization
    • cpu_utilization

    When querying data for these indicators from vManage, if the data is missing for any of the indicators, then the data gap might be visible in SevOne NMS.

  • If you are using SevOne NMS version < 5.7.2.23 (without the NMS-75375 hotfix), you may experience an impact on the performance of the collector. At a same time, collectors will not support tunnels > 10k.
  • Widgets
    • When the alternate name is enabled in SevOne Data Insight, Network Topology Widget 2.8.x / 2.9 does not show any tunnels for SD-WAN 2.6 collectors.

Summary for complex table
Component/s Key Known Issues
SDWAN Cisco Analyst S1NPM-77627 Viptela / Versa Collectors: When installing / upgrading the collector via GUI, you can proceed to the Upgrade SOA stage in the following scenarios:
  • Without selecting or updating the configuration file (in the Config stage).
  • Even if there are errors in the configuration file (in the Config stage).
SDWAN Solution, SDWAN Versa, SDWAN Cisco Catalyst S1NPM-100519 Platform: Depending on the scale of the environment, jaeger may quickly consume its allotted memory and in turn, restart. The maximum allotted memory can be adjusted when Jaeger is enabled.
SDWAN Solution, SDWAN Versa S1NPM-100816 Versa Collector: Tunnel objects will be pinned to their respective object groups either after 24 hours or according to the discovery schedule in SevOne NMS.
SDWAN Viptela S1NPM-101063 Viptela Collector: When updating the Installer Agent, the BFD_SESSIONS cache key gets updated based on received BFDSession data. The TunnelStatAgent parses the BFD Session data and updates the availability and transition indicators accordingly.

If BFD Session data is not found for a specific object, the following occurs:

  • Not found bfd session for key warning string is logged in the collector logs.
  • The ApprouteStatStatistic response displays a down state for the specific objectName.
  • Empty values appear for availability and transition indicators on NMS.
  • Gaps may appear on the NMS graph for these indicators, which is expected behavior.
SDWAN Solution, SDWAN Versa S1NPM-101078

Versa Collector: When upgrading the SD-WAN Versa Collector from version 2.15 or later to 7.0.0 or above, you may encounter the following error.

msg": "Timeout when waiting...

To resolve this issue, perform the following steps:

  1. Login to master node, applicable for both single and multi-node scenarios.
  2. sevone-cli playbook reset
  3. sudo reboot
  4. sevone-cli cluster up
  5. sevone-cli playbook postcheck
SDWAN Fortinet S1NPM-109504

Fortinet Collector: During a fresh installation or upgrade, the SDWAN plugin will not automatically activate the HTTP plugin in the Fortinet device. As a result, HTTP objects will not be created, and data collection will not occur on the Fortinet device. This is an expected behavior.

However, manually enabling the SDWAN plugin activates the HTTP plugin and creates an HTTP object. Data collection begins after the next automatic or manual rediscovery of the Fortinet device, allowing the device to effectively monitor the network and connectivity issues.
SDWAN Cisco Catalyst S1NPM-109664 Viptela Collector: When the NEXT_HOP_IP field is not present in a flow, the following fields will be set to Unknown.
  • Wan Path Source (4323)
  • Wan Path Source Alternate Name (4354)
  • Wan Path Destination (4323)
  • Wan Path Destination Alternate Name (4355)
  • Tunnel (4353)
  • Tunnel Alternate Name (4356)
SDWAN Solution S1NPM-110248 Platform: In a multi-node, multi-vDirector setup, the Collector and Augmenter Evidence Framework is currently unable to collect evidence information or generate the .tar.gz file. However, the must-gather functionality continues to work as expected.
SDWAN Cisco Catalyst S1NPM-110676 Viptela Collector: Upgrading the collector from version 6.7.5 or above to Red Hat Enterprise Linux (RHEL) versions 6.8 or above fails with the error No package matching 'convert2rhel' found because the yum metadata still refers to the previously installed CentOS package.
Workaround: Run the following command and repeat the upgrade process. For more details, please refer to SD-WAN Viptela Collector Upgrade Process Guide. 
sudo yum clean metadata
SDWAN Solution S1NPM-112181

Platform: Interface statistics are not generated for the sub-interfaces; an expected behavior from Cisco. sdwan::device-interface objects for interfaces are created to provide interface statistics datapoints.

Since the mapping is performed for interface objects available in SevOne NMS, the ifIndex is not renamed to interface name for the sub-interfaces in Flow Interface Manager.
SDWAN Solution S1NPM-112216 Platform: The requester ID's data source is used to load the OOTB report during the post-check process. However, if multiple users are present in SevOne Data Insight, the post-check task that loads OOTB reports is expected to fail with the an error in the post-check output under the Execute script to load OOTB report task as shown below.

Error: Type Error: "None Type" object is not subscriptable.

Workaround: By following these steps, you should be able to retrieve the requester's user datasource, update the post-checks, and complete the post-check process without any errors.

  1. Create a backup of the current version of client.py file. 
    
cp /opt/SevOne/upgrade/ansible/playbooks/roles/reports/files/di_client/client.py \
/opt/SevOne/upgrade/ansible/playbooks/roles/reports/files/di_client/client.py.bkp
  2. Run the following command to obtain the token. 
    
curl -X POST -L -k 'http://<hostname>/retinaserver' --header 'Content-Type: application/json' \
--data-raw '{"query":"mutation($user:String!, $password:String!, $tenant:String!)
{\nauthenticate(name: $user, password: $password, tenant: $tenant){\nsuccess\ntoken\n}\n}",
"variables":{"user":"<user>","password":"<password>","tenant":"<tenant>"}}'
    Note:

    where,

    • <hostname> - collectorConfig.di.api[0].host in the config file
    • <user> - collectorService.di.api.username in the config file

      Run the following command to obtain the decoded username.

      
echo -n <base64 encoded SevOne Data Insight username> | base64 --decode
    • <password> - collectorService.di.api.password in the config file

      Run the following command to obtain the decoded password.

      
echo -n <base64 encoded SevOne Data Insight password> | base64 --decode
    • <tenant> - collectorConfig.di.api[0].tenant in the config file
  3. Run the following command, replacing <token> with the token obtained from the previous step. 
    
curl -X POST -L -k 'http://<hostname>/retinaserver' --header 'x-auth-token:<token>' \
--header 'Content-Type: application/json' \
--data-raw '{"query":"query getAllDatasources {\n users {\n  tenant {\n   datasources {\n    id\n    name\n    address\n   }\n  }\n }\n}","variables":"{}"}'
  4. Based on the output from the previous step, locate the entry where the datasources key is not None and take note of its index. If the output resembles the example below, the index is 1.

    Example:

    
Output:

[{'tenant': None},

{'tenant': {'datasources': [{'id': 4, 'name': 'device01', 'address': 'http://example.net'}]}}},

{'tenant': None}]
  5. Run the following command, replacing <your index here> with the index obtained from the previous step. 
    
sed -i "s/data = result\['data'\]\['users'\]\[0\]/data = result\['data'\]\['users'\]\[<your index here>\]/" \
/opt/SevOne/upgrade/ansible/playbooks/roles/reports/files/di_client/client.py
  6. Rerun the post-check. 
    sevone-cli playbook postcheck

The task Execute script to load the OOTB report has now completed successfully.
SDWAN Velocloud S1NPM-112223

VeloCloud Collector: During a fresh installation or upgrade, the SDWAN plugin will not automatically activate the HTTP plugin in the VeloCloud device. As a result, HTTP objects will not be created, and data collection will not occur on the VeloCloud device. This is an expected behavior.

However, manually enabling the SDWAN plugin activates the HTTP plugin and creates an HTTP object. Data collection begins after the next automatic or manual rediscovery of the VeloCloud device, allowing the device to effectively monitor the network and connectivity issues.
SDWAN Cisco Catalyst, SDWAN Versa S1NPM-112339 Versa Collector: When upgrading a single-node or multi-node Versa setup from version 6.8.x or later to 7.1.x, executing the command below may trigger an error, which is an expected behavior. 
/usr/local/sbin/SevOne-validate-image \
-i $(ls -Art /opt/SevOne/upgrade/sevone_solutions_sdwan_versa-*.tgz | tail -n 1) \
-s $(ls -Art /opt/SevOne/upgrade/sevone_solutions_sdwan_versa-*.tgz.sha256.txt | tail -n 1) \
--installer solutions  --installer-opts '--no_screen'

Error:

TASK [helm upgrade/install default/solutions-sdwan-versa] ***************************************************************************
fatal: [sevonek8s]: 
FAILED! => {"changed": true, "cmd": "helm upgrade solutions-sdwan-versa local/solutions-sdwan-versa -o json --install --create-namespace 
--namespace default --timeout=5m --insecure-skip-tls-verify --devel --atomic  -f /tmp/ansible.wLFGEx/solutions-sdwan-versa_custom_guii.yaml  \n", 
"delta": "0:10:02.543798", "end": "2023-03-27 02:44:03.478942", "msg": 
"non-zero return code", "rc": 1, "start": "2023-03-27 02:34:00.935144", 
"stderr": "W0327 02:34:02.451394  997524 warnings.go:70] spec.template.spec.containers[0].env[7].name: duplicate name 
\"MINER_DATA_SOURCE\"\nW0327 02:34:02.712946  997524 warnings.go:70] spec.template.spec.containers[0].env[4].name: 
duplicate name \"SECRETS_API_NAME\"\nW0327 02:39:03.266490  997524 warnings.go:70] spec.template.spec.containers[0].env[7].name: duplicate name 
\"MINER_DATA_SOURCE\"\nW0327 02:39:03.348819  997524 warnings.go:70] spec.template.spec.containers[0].env[4].name: duplicate name \"SECRETS_API_NAME\"\nError: 
UPGRADE FAILED: an error occurred while rolling back the release. original upgrade error: timed out waiting for the condition: release solutions-sdwan-versa failed: 
timed out waiting for the condition", "stderr_lines": ["W0327 02:34:02.451394  997524 warnings.go:70] spec.template.spec.containers[0].env[7].name: 
duplicate name \"MINER_DATA_SOURCE\"", "W0327 02:34:02.712946  997524 warnings.go:70] spec.template.spec.containers[0].env[4].name: duplicate name 
\"SECRETS_API_NAME\"", "W0327 02:39:03.266490  997524 warnings.go:70] spec.template.spec.containers[0].env[7].name: duplicate name \"MINER_DATA_SOURCE\"", 
"W0327 02:39:03.348819  997524 warnings.go:70] spec.template.spec.containers[0].env[4].name: duplicate name \"SECRETS_API_NAME\"", 
"Error: UPGRADE FAILED: an error occurred while rolling back the release. original upgrade error: timed out waiting for the condition: 
release solutions-sdwan-versa failed: timed out waiting for the condition"], "stdout": "", "stdout_lines": []}

Workaround: Run the commands as shown below and proceed with the upgrade process.

ssh sevone@<SD-WAN collector 'control plane' node IP address or hostname>
sevone-cli cluster down
sevone-cli cluster up

Please refer to SD-WAN Versa Collector Upgrade Process Guide for details.
SDWAN VeloCloud S1NPM-112408 VeloCloud: When upgrading VeloCloud from 7.0.0 or above to version 7.1.0, the VeloCloudSDWAN-DI-OOTB-Reports.tar file is still present in the /config/collectors/sdwan/velocloud/spk directory. This is an expected behavior.
SDWAN Viptela

S1NPM-112547 / S1NPM-112715

 Viptela Collector: After successful upgrade from version 7.1.0 to 7.1.x, the Viptela Summary Report in GUI displays a SevOne Data Insight migration error as shown below.

viptelaDataInsightMigrationError

>

Workaround: Please click on Try to load anyway to proceed with loading the report without any conflicts.
SDWAN Cisco Catalyst S1NPM-112561 Viptela Collector: In a multi-node Viptela setup, performing a Command Line Interface upgrade from version 6.8.x or later to 7.1.x may trigger an error when running the command below, which is expected behavior. 

/usr/local/sbin/SevOne-validate-image \
-i $(ls -Art /opt/SevOne/upgrade/sevone_solutions_sdwan_viptela-*.tgz | tail -n 1) \
-s $(ls -Art /opt/SevOne/upgrade/sevone_solutions_sdwan_viptela-*.tgz.sha256.txt | tail -n 1) \
--installer solutions  --installer-opts '--no_screen'
Error:

TASK [helm : helm upgrade/install default/solutions-sdwan-viptela] *****************************************************
fatal: [sevonek8s]: FAILED! =>

{"changed": true, "cmd": "helm upgrade solutions-sdwan-viptela local/solutions-sdwan-viptela -o json --install 
--create-namespace --namespace default --timeout=5m --insecure-skip-tls-verify --devel --atomic  -f 
/tmp/ansible.phf6sgc1/solutions-sdwan-viptela_custom_guii.yaml   --set=multiTenant=False\n",
 "delta": "0:05:36.590937", "end": "2024-09-25 11:39:10.474620",
 "msg": "non-zero return code", "rc": 1, "start": "2024-09-25 11:33:33.883683",
 "stderr": "W0925 11:33:47.000633 1465726 warnings.go:70] spec.template.spec.containers[0].env[4].name: duplicate name 
\"SECRETS_API_NAME\"\nW0925 11:38:48.180808 1465726 warnings.go:70] spec.template.spec.containers[0].env[4].name: duplicate name 
\"SECRETS_API_NAME\"\nError: UPGRADE FAILED: release solutions-sdwan-viptela failed, and has been rolled back 
due to atomic being set: context deadline exceeded",
 "stderr_lines": ["W0925 11:33:47.000633 1465726 warnings.go:70] spec.template.spec.containers[0].env[4].name: duplicate name 
\"SECRETS_API_NAME\"", "W0925 11:38:48.180808 1465726 warnings.go:70]spec.template.spec.containers[0].env[4].name: duplicate name 
\"SECRETS_API_NAME\"", "Error: UPGRADE FAILED: release solutions-sdwan-viptela failed, and has been rolled back due to atomic being set: 
context deadline exceeded"],
 "stdout": "", "stdout_lines": []}

Workaround: Rerun the command above and proceed with the upgrade process.

Please refer to SD-WAN Viptela Collector Upgrade Process Guide for details.
SDWAN Versa S1NPM-112731 Versa Collector: When installing / upgrading the collector, running the command below to import the OOTB reports during post-check, may trigger an error. This is an expected behavior. 
sevone-cli playbook postcheck

Error:

TASK [reports : Check script response] *************************************************
****************************************************************************************
fatal: [sevonek8s]: FAILED! => {"changed": false, "msg": "AUTHENTICATING CLIENT...\nFETCHING ALL DATASOURCES...\nSELECTED DATASOURCE: 'SevOne' WITH ADDRESS: 
'10.49.12.97'\nUPLOADING REPORTS...\nRESULTS\n----------\nSUCCESS: Indicator Summary Calendar View     \nSUCCESS: SDWAN Device Health Object Summary

Workaround: The OOTB reports are still imported, and the installation or upgrade during post-check will continue as expected without any conflicts. Please refer to Versa Collector - Deployment guides for details.
SDWAN Viptela Viptela Collector: When installing / upgrading the collector, running the command below to import the OOTB reports during post-check, may trigger an error. This is an expected behavior. 
sevone-cli playbook postcheck

Error:

TASK [reports : Check script response] *************************************************
****************************************************************************************
fatal: [sevonek8s]: FAILED! => {"changed": false, "msg": "AUTHENTICATING CLIENT...\nFETCHING ALL DATASOURCES...\nSELECTED DATASOURCE: 'SevOne' WITH ADDRESS: 
'10.49.12.97'\nUPLOADING REPORTS...\nRESULTS\n----------\nSUCCESS: Indicator Summary Calendar View     \nSUCCESS: SDWAN Device Health Object Summary

Workaround: The OOTB reports are still imported, and the installation or upgrade during post-check will continue as expected without any conflicts. Please refer to Viptela Collector - Deployment guides for details.
SDWAN Solution S1NPM-113717
Platform: The MetadataAgent fails to complete metadata updates for devices/objects because its runtime exceeds the default 1hour timeout limit. As a result, the metadata is not accurately reflected in the device/object with the following error. 
2024-06-24T16:49:37Z ERR agent run canceled error="context deadline exceeded" agent=MetadataAgent
Workaround:
  1. Locate and change the timeout for MetadataAgent from 1h to greater than or equal to 2h (but, less than 12h) in the config file, /opt/SevOne/chartconfs/<config-file>, as shown below. 
    
collectorConfig:

agent:

override:

MetadataAgent:

timeout: 2h
  2. Run the below command in the collector to apply the changes. 
    sevone-cli solutions reload
  3. Manually execute the below command in separate screen session if needed, or wait for its next automatic cycle and then check the logs. 
    sevone-cli solutions run_agent --deployment_name solutions-sdwan-viptela --agent_name MetadataAgent --log_level info > /tmp/metadataLog.log
SDWAN Solution S1NPM-117472 Device and object metadata may appear incomplete in SevOne NMS, with the Viptela / Versa Metadata Agent reporting the following message: 2024-06-24T16:49:37Z ERR agent run canceled error="context deadline exceeded" agent=MetadataAgent

19 issues